ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
SSO Authentication fails with SAML Exception
Article ID: 76642
CA Release Automation - Release Operations Center (Nolio)CA Release Automation - DataManagement Server (Nolio)
Single Sign On (SSO) Authentication fails with the following SAML Exception error:
2018-03-19 09:06:57,701 [http-nio-8443-exec-18] INFO (org.springframework.security.saml.log.SAMLDefaultLogger:127) - AuthNResponse;FAILURE;10.25.100.170;https://reliant:8443/datamanagement/saml/metadata;http://sts.dpi.wa.gov.au/adfs/services/trust;;;org.opensaml.common.SAMLException: Response has invalid status code urn:oasis:names:tc:SAML:2.0:status:Responder, status message is null
2018-03-19 09:06:57,736 [http-nio-8443-exec-18] WARN (com.nolio.platform.server.dataservices.services.auth.providers.PostAuthenticationEventHandler:125) - Failed to login as <User>
Release Automation Version - 6.5
1. “java.security.InvalidKeyException: Illegal key size error is generated” error which occurs because AES is limited to 128-bit key size encryption on a default JDK installation.
For Java 8 with an update level 150 and lower to perform 192-bit or 256-bit AES encryption, you must download and install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files. a. Go to the Oracle website and search for ‘Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files’. b. Download the zip file for java 8 and extract it on your drive. c. Copy the extracted files to /jre/lib/security folder (replacing existing files if necessary). d. Restart the server.
2. The claim rule should be configured in Windows ADFS as 'User-Principle-Name' and not 'SamAccountName'
3. Ensure that the Active Directory properties are defined in the distributed.properties configuration file.